Sonatype commemorates February 3rd as the anniversary of the creation of the term open source. The term's introduction represented a concerted effort to make sharing source code more understandable and accessible to a broader community of users.
Today, on World Open Source Day, we begin a series of posts to spotlight a few faces of the open source developer community. In these interviews, we seek to magnify each voice as a way of showing how individual experience contributes to the collective impact of open source.
In this post, we interview Theresa Mammarella, developer advocate on the Developer Relations team at Sonatype.
Collaborating with people I wouldn't necessarily get to work with otherwise, people that bring a lot of passion to the project they are working on even when they don't necessarily have to. Getting to work with users through channels like GitHub Issues is potentially not something I would have been able to do in a non-open-source type of developer role. For me, it's really important to be as involved as I can be with the people that are using the projects I'm involved with to maximize their practicality.
I kind of stumbled into it. My first full-time developer job was for IBM's J9 runtime, which has since become part of the Eclipse Foundation as OpenJ9. During my first three months on the job, my team transitioned from working on a fully closed code base to working fully in the open. Ever since then, I've been lucky to be involved in open source in one way or another. That has brought a lot of meaning to my career that I might not have been able to experience otherwise.
If there’s a community you are particularly interested in joining, do a lot of listening first to figure out what skills you have that can benefit the project and how you can build upon what they are already doing and be helpful, as opposed to just coming in and wanting to change things.
That advice applies to joining any kind of organization, but for open source it's especially important. Contributors may be participating as volunteers and have a limited amount of time with which to contribute. It's also not their job to help you implement your ideas, so be cooperative. Relationship building and maintaining is important in open source.
In the security space, there's some really interesting up-and-coming projects. The (OWASP) Vulnerability Management Guide is a solid reference to help organizations implement a security strategy through an incremental approach. OpenSSF Scorecard is steadily being adopted by open source projects and is intended to improve the adoption of security best practices. I'm looking forward to seeing the impact these projects will have.
The first person that comes to mind is my long-time former coworker, Dan Hiedinga. He's the project lead for Eclipse OpenJ9, an open source JVM contributor, and Java Champion. He taught me a lot about how to navigate that world and those relationships.
There are many open source contributors through Sonatype I continue to learn from as well. One of my current teammates, Eddie Knight, has taught me a lot about how to be a good open source steward as well.